you cannot do both encrypted and unencrypted traffic on the same port, you have
to pick which you use. If you try to do a health check to that port, you will
either get an error like you are describing, or you will need to do the check
via TLS.
depending on how you have rsyslog configured, it may or may not require a client
cert.
David Lang
On Thu, 6 Jul 2023, Andrew Cowan via rsyslog wrote:
Hi,
I am getting the below error messages on my rsyslog server.
verify error:num=20:unable to get local issuer certificate
verify error:num=21:unable to verify the first certificate
TLS connection doesn't appear to be working from client -> rsyslog server on
6514.
Looks like a TLS handshake issue, and maybe unable to establish an encrypted
channel.
Questions.
1. Is there anyway to disable to test. Can send on unencrypted UDP/TCP ok
between client/server.
1. Does the client need a cert. My understanding is it only needs the CA cert?
Any help appreciated.
Thanks,
Andrew
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
